CN105027498A - A method, system and device for securely storing data files at a remote location by splitting and reassembling said files - Google Patents
A method, system and device for securely storing data files at a remote location by splitting and reassembling said files Download PDFInfo
- Publication number
- CN105027498A CN105027498A CN201380063564.3A CN201380063564A CN105027498A CN 105027498 A CN105027498 A CN 105027498A CN 201380063564 A CN201380063564 A CN 201380063564A CN 105027498 A CN105027498 A CN 105027498A
- Authority
- CN
- China
- Prior art keywords
- dsf
- file
- local
- data
- air
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
- G06F15/163—Interprocessor communication
- G06F15/167—Interprocessor communication using a common memory, e.g. mailbox
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
A method, system and device for securely storing data files at a remote location by splitting and reassembling said files is provided. AIR Storage is a technique comprising splitting into two separate halves a complete file that is stored on a client platform in order to form two separate data split files (DSF); storing a first DSF at a remote location, referred to as a remote DSF, wherein the remote location comprises a network server; storing a second DSF on a local device, referred to as a local DSF, wherein the local device is an external memory operably connected to said client platform, wherein said remote DSF and local DSF lose the ability to display informative content; reassembling the two halves to rebuild said complete file, wherein the splitting and assembling are performed in Random Access Memory on said client platform; and displaying said reassembled file on said client platform. AIR ware is a processing unit located on the client platform, whose main function is to split the complete file into the remote DSF and local DSF, to make the DSFs lose their ability to display informative content, and to separately send the different DSFs on the external memory device operably connected to said client platform and on the network server. When the complete file needs to be used, AIR ware then collects the two different DSFs from both locations according to user instructions, and reassembles the two different DSFs into said complete file on the client platform.
Description
Technical background
The operation of AIR memory technology at least comprises three basic links, and wherein, the first link creates Data Division file, and the second link stores Data Division file, and three link model is assembling Data Division file.
The method of Striping data and assembling obtains application in the practice of IT technology, and it adopts a kind of special computer program to realize the target of oneself, and a typical example is RAID disk.
In RAID, multiple disk forms a large disk side by side in order to store data, and data are split according to the number of disk, and are stored in multiple different sub-disk.
When complete file is required, can be re-assembled to together according to certain algorithm by the data split, thus form complete file.
The object of RAID Striping data is the speed of service in order to improve outer cryopreservation device, and prevents from causing loss of data because of hard disk corruptions.
Outer cryopreservation device is most basic storage tool in traditional electrical brain system, and now, along with the development of network technology, IT field starts to promote cloud and stores.
Cloud stores the limitation breaking through local outer cryopreservation device, thus can improve the degree of freedom of computer storage, but its fail safe is a challenging problem all the time, up to the present, does not have the ideal solution occurring generally acknowledging.
Professional person creates publicly-owned cloud, privately owned cloud, and the new ideas of family's cloud, and object is to reduce cloud storage implementation scope for cost, and to exchange the lifting of cloud storage security for, this just causes the resource consumption of repetition, but results are only press close to local memory module.
AIR memory technology is that its foothold and RAID are completely different for preventing data to be stolen, but AIR storing technology obtains important theories integration from the Striping data of RAID and the mode of data assembling.
AIR memory technology is mainly reflected in the interaction that local platform is in operation between two devices, and Striping data process completes in local memory device.
In data assembling process, long-range DSF downloads to local internal memory from remote server, and converges with local DSF, and it is similar to and is write multiple hard disk dispersedly, and in internal memory, carry out the RAID data of assembling.
Striping data technology is the support of AIR memory technology, and local external equipment and remote server are the platforms that AIR storing technology plays function.
AIR stores and cloud storage is all use network to carry out data storage, unlike, cloud stores and relies on the webserver completely, cannot land in this locality, AIR stores and then make use of network and local two data storing platforms, and initiative rests in local platform all the time.
In AIR stores, Data Division file does not have informedness meaning, therefore, the file obtained from single end storage medium is utterly useless, obtain complete file, this locality stores work together with the network storage, and this is the maximum difference between AIR storage and cloud store.
Summary of the invention
The assembling of long-range isolated data, be called for short AIR to store, it belongs to the invention of data storage technology in IT field, in the art, a complete file is split into the different part of two classes, and be stored in local outer cryopreservation device respectively with the form of Data Division file and by the equipment of the network storage in remote location, comprise the webserver.
When data assembling, the fractionation data that server end stores are downloaded on local platform, and combine the fractionation data in local outer cryopreservation device, form a logical block, thus Data Division file transform become the file of partial data.
Data assembling is the activity of a kind of spanning network two ends platform, and Data Division file flow to local internal memory from cryopreservation device remote server and this locality all, and forms the file of data integrity by data assembling mechanism, and wherein, Data Division file is called DSF.
DSF be separate with incomplete, it is only the data of the half in a complete file, when there is not network condition, it becomes sleep file, cannot be used alone, and second half corresponding DSF of a DSF is opened by Network Separation, and be stored in remote platform, instead of being stored in identical platform, the direct instruction that it accepts user can revert to complete file, instead of by systematic automatic operation.
The meaning that 1st chapter: AIR stores
1. data security
2. systematic function
2nd chapter: Data Division file
1. local DSF
2. long-range DSF
3rd chapter: Data Division and assembly platform
4th chapter: the internal memory in client computer
5th chapter: AIR processor
1. major function
The hardware-core code of 2.AIR processor
The special conservator of login of 3.AIR processor
6th chapter: the internal code of Data Division file
1. the internal code in data assembling process
2. the internal code in deleted file process
3. the internal code in xcopy process
7th chapter: the AIR under different computers system stores
8th chapter: the assembling of long-range DSF and local DSF
9th chapter: the long-range DSF stored at server end
The meaning that 1st chapter: AIR stores
1. data security
The maximum bottleneck of network storage service is that user lacks confidence to network security, and in order to overcome this bottleneck, some users associate safe deposit box.A safe deposit box has two keys, and lack a key, safety box just cannot be opened, and a key wherein is just grasped in the hand of client.
In AIR stores, the data of a complete file are split into two parts, and a part is stored in local outer cryopreservation device, and another part is stored in remote server, and the file of storage lacks data, so it loses the content with informative.
This is similar to safe deposit box, and local outer cryopreservation device is a key, and remote server is another key, if will use the file of entire data, these two keys are indispensable.
In AIR stores, the control of Data Division file is grasped in local platform all the time, the long-range DSF that server end stores must accept the order from local platform, and the assembling process of file data only carries out at local platform, and only has user to have the right to give an order to server.
This has just met a public psychology: " valuables deposit in bank, and the key of safe deposit box is administered by client oneself ".
The controllability of data security is the key point that can user actively use AIR storage mode, even if local outer cryopreservation device is maliciously usurped by other people, information also can not be leaked, because do not have the instruction of specific user, the Data Division file that server end stores can not work.
2. systematic function
The complete file stored in local outer cryopreservation device becomes the fractionation data of half, thus makes the capacity that takies of device reduce to half, and it stores other data more with regard to vacating space, and increases the runnability of device.
Data Division file stores on the server, and the occupancy of Internet resources reduces half, and this also contributes to the network transfer speeds improving data, and alleviates the busy extent of server.
A very long time, IT professional makes great efforts to improve the quality that data store, but, the direction of these effort or be limited to local storage, or be only limitted to the network storage.
AIR memory technology breaks away from the concern limitation of single direction, and it is stored this locality and the network storage combines.
2nd chapter: Data Segmentation file
In AIR stores, Data Division file is called as DSF.
The data of the complete file of client platform are split into two halves, and form two kinds of independently Data Division files, one is that teledata splits file, be called long-range DSF, long-range DSF is stored in the webserver, and another kind is that local data splits in file, is called local DSF, local DSF is stored in the outer cryopreservation device of client platform, and " this locality " wherein refers to client platform.
AIR processor splits the data of a complete file, and object is to make file lose the ability of the display information content, and AIR processor does not possess multiple data and splits function, and the data of file only split into two halves, and one is long-range DSF, and another is local DSF.
AIR processor setting data splits the flow direction of file, and long-range DSF can only flow to server stores, and the outer cryopreservation device that local DSF can only flow to client platform stores, and wherein, local DSF has interface icon, and long-range DSF does not have interface icon.
1. local DSF
Under AIR storage mode, the file be stored in local outer cryopreservation device is called as local data and splits file.
AIR stores the structure of external cryopreservation device and interface does not have specific designing requirement, other data disassemble technique then more or less externally structure of cryopreservation device and interface.
When file is stored in local outer cryopreservation device, user can select data integrity file to store or Data Division file stores, and when user have selected Data Division file mode, this file just can only open and use when being connected to network.
Data Division file can copy between cryopreservation device outside different this locality, also can at some outer cryopreservation device, and the multiple write backup of RAID1 of such as hard disk, in case locking apparatus damages and causes data degradation, simultaneously in order to improve device running speed.
If under AIR memory technology operates in traditional electrical brain connection pattern, so standalone feature of local device, interaction between traditional local platform and server platform, the interaction of local outer cryopreservation device and local memory device, these are all the operation bases that AIR stores.
Data Division file is same as data integrity file, and it follows traditional rule completely, and relies on traditional means to solve shop problem to a great extent.
If traditional means cannot normally work, so use the method that AIR stores, such as, copy Data Division file by the copy function under legacy system and may bring security risk, this can replace it by the copy function of AIR processor, because the copy function of AIR processor is provided with security mechanism targetedly.
The feature of Data Division file is, if you need the complete full and accurate content of display file, this needs network to connect, and needs AIR processor, needs the data to splitting to assemble.
Data Division file can be converted into a complete file according to the selection of user, is then stored in outer cryopreservation device by file, or is stored into remote server.
After file type changes, this file can freely transmit and show, and it is no longer by the constraint of AIR storage rule.In this case, the Data Division file that outer cryopreservation device and remote server store will be automatically left out, and this process can not reverse.
If user thinks again data integrity file transform to be become Data Division file, AIR processor will be that local platform and remote server produce Data Division file again, and new file will have the characteristic of AIR storage.The design of this flow process is in order to avoid system identification is chaotic, and the file in outer cryopreservation device can also be prevented stolen.
2. long-range DSF
Long-range DSF is the Data Division file being stored in remote server.
In AIR stores, a complete file is divided into two kinds of Data Division files, and one will upload to remote server and store, and another kind is sent to local outer cryopreservation device and stores.
The long-range DSF of server end is hiding, cannot detect by common means, and what client platform showed is only the file stored in outer cryopreservation device.
In local memory device, after split point of file, local DSF can only input outer cryopreservation device, and long-range DSF can only upload to remote server, therefore only has the file in outer cryopreservation device to be shown.
For this reason, the long-range DSF of server end can not transfer to local outer cryopreservation device and back up, because the servers' data that local platform can not be seen splits the vestige of file, so this impossible downloads specially.
The Data Division file of local platform is not except being opened and used separately, and it does not have difference with complete file in appearance at icon.The Data Division file of its direct connection server end, user requires to open and use it at any time, and only need click the file icon on computation interface, this is also send a command to remote server, and second half file is corresponding thereto downloaded in request.
Under the prerequisite of interconnection network, the Data Division file of server end downloads on demand, and not from the order of client, file can not be downloaded automatically.This causes network extraordinary busy owing to automatically downloading in order to prevent, and also can prevent unnecessary data from taking the resource of local internal memory.
If comprise some subfiles in a master file, will disposable download in units of master file, subfile cannot be separated and downloaded separately.
Once the file download of server end is to local platform, it is stored in internal memory, and is in the call instruction of ready state waiting system all the time, to prevent midway suspension, and facilitates data rapid extraction.
Long-range DSF downloads to local platform from remote server, and it is limited in internal memory, does not allow to be transferred to local outer cryopreservation device.In view of the physical characteristic of memory device, file automatically will disappear after shut down of computer.
3rd chapter: Data Division and assembly platform
User independently operates local DSF at client platform, and this is the feature that AIR stores, and long-range DSF is controlled by local DSF, and this is another feature that AIR stores.
Now, Data Division is a kind of conventional technology, and the product of this technology can run in computer system automatically, they or run on the webserver, or operate on client platform, they do not collapse more network and the function run, can not by user's direct control.
In AIR stores, file is divided into local DSF and long-range DSF before storing.Code in same text is divided into two halves, and text cannot be shaped thus, the meaning of this file also drop-out.
The fractionation of file data performs in local internal memory, because internal memory has the interim characteristic stored, computer after power is turned off, all will lose by all data be not stored in outer cryopreservation device.
Local DSF is defined in and is stored in outer cryopreservation device, and long-range DSF is defined in storage on the server, and these two kinds of files all can not be stored in the offside of their media each other.
When breaking in a network, being stored in local DSF is that the content not possessing reading meaning can be shown.
When network is connected, the long-range DSF being stored in server end is downloaded in local internal memory, and in this case, the local DSF being stored in outer cryopreservation device also can be collected in internal memory, and performed the data assembling of itself and long-range DSF by certain algorithm, so that the complete content of display file.
Server end stores long-range DSF, but this file is undertaken processing and uploading by the AIR processor be arranged on local platform; Server end can not Update Table.Server end does not possess corresponding second half and splits data, and thus it also can not assemble file.
The platform of Data Division and assembling must at customer platform, and server does not perform any operation.This platform neither be local outer cryopreservation device, but the memory device of this locality.
Outer cryopreservation device has local data and splits file, and memory device has the teledata downloaded from server and splits file, as long as assemble successfully this two parts file, file access pattern flow process also just completes.
Memory device and and outer cryopreservation device be positioned at same local platform, this belongs to the interaction in identical platform between two devices, so be easy to the data building data handling system and assembling.
4th chapter: the memory device of client computer
AIR storing technology can be used in two kinds of computer system, and they are traditional computer system and the system computerized system of elastic operation respectively.
Elastic operation is system computerized be same inventor another invention, its most important feature is that the operating system of computer is divided into two parts, main part is wherein mounted on the remote server, and must download on demand in the internal memory of client platform and run.
Meanwhile, it has invented a kind of new computer hardware device OSPU, and this hardware unit is integrated with the basic data of operating system.
In traditional system, the very most of data be stored in local outer cryopreservation device are operating system, and under elastic operation system of systems, outer cryopreservation device is no longer the carrier of operating system, and it is only common data storage facility.
Under traditional computer system, AIR storage is one and independently invents, but under the system computerized system of elastic operation, AIR storage belongs to subsidiarity invention.
No matter be apply in traditional system, or apply in the system computerized system of elastic operation, AIR stores all needs the physical characteristic utilizing memory device.
These are all reflected in the following aspects:
(1) in memory device, Data Division file is produced.
(2) Data Division file is sent to local cryopreservation device from local memory device and remote server stores respectively.
(3) file that can not be transmitted in time by system will be temporarily stored in memory device, as long as computer does not shut down, file is by sustainable existence.
(4) Data Division file needs to be transferred to memory device by from outer cryopreservation device and remote server, and the assembling of data will complete in local memory device.
(5), after data assembling completes, new complete file is temporarily stored in local memory device.If do not transfer to the order of other media, when shut down of computer, it can disappear, the state that then Data Division file access pattern is original.
When file is present in local memory device, have two options for user preserve file time select, they respectively:
(1) text is preserved.In this case, any change in file all will be saved, and preserve with the form of complete file.
(2) DSF preserves.In this case, file will be split into two Data Division files automatically, and original document will be capped.
Selection text is preserved, and have two selections further, they are:
(1) be temporarily stored in memory device, let alone to disappear after shut down of computer.
(2) transfer to outer cryopreservation device, or remote server stores.In this case, former Data Division file will be deleted automatically by system.
The memory device of client computer remains for the special area of Data Division and assembling in advance, is beneficial to not conflict mutually with the data flow of other type in system.
These two halves Data Division file successfully must be assembled in memory device, if data cannot successfully be assembled, this file may become dead shelves.
5th chapter: AIR processor
AIR processor is a chip being integrated with that AIR stores application program, and it is the instrument splitting data and assembling data, is the switching center of file type, the transmission channel of long-range DSF and local DSF, and is the protective device of Data Division file.
AIR processor can forever be arranged on mainboard, also can make external device, is convenient to user and carries.
In the process of transfer of data, the hardware information of AIR processor is added in safety measure, thus the vulnerable and easily modified shortcoming of software can be overcome, and, even if local DSF is stolen, other people also cannot use, because other AIR processor does not have the hardware-core code of original AIR processor, in addition, third party does not differentiate by the user that server is strict usually.
All long-range DSF and local DSF must flow through this passage of AIR processor, all orders being sent to server all must by this passage of AIR processor, all orders of uploading all must be encrypted by AIR processor, the long-range DSF of all downloads obtains first by server for encrypting, is then deciphered by AIR processor.
The major function of 1.AIR processor
AIR processor is the unit of the process AIR storage data being positioned at client platform, its major function is that a complete file declustering is become long-range DSF and local these two parts of DSF, and make long-range DSF and local DSF lose the ability of the display information content, again long-range DSF is sent to server to store, local DSF is sent to local outer cryopreservation device to store, when needed, it is assembled fractionation data, make the state of file access pattern data integrity, then the file recovered is presented on local platform.
AIR storage relates to file data and to split and file data assembles this two main aspects, but also relates to other slave sides a lot, and as arranged security measures, the special system tool of these needs guides and processes.
This system tool is custom-designed utensil, is called as AIR processor.AIR processor has computer application program and the definition of two kinds, computer hardware device, and the AIR processor as computer application program is arranged on local platform, for realizing the repertoire that AIR stores.
In traditional computer system, it can be arranged on the outer cryopreservation device of such as local hard drive etc. together with operating system.In the system computerized system of elastic operation, AIR processor can be integrated in OSPU.
When user selects AIR memory function, file declustering will be automatically two parts by AIR processor, and a part is sent to outer cryopreservation device, and another part is sent to remote server.
AIR processor is the internal code that Data Division file generated that two parts are correlated with is identical, but file icon is then only connected to local DSF.
AIR processor will strictly forbid that two parts Data Division file enters identical memory channel.
When user uses file, user instruction is sent to remote server by network connection device by AIR processor, then the Data Division file downloaded from server end is directed to local memory device.Data Division file in cryopreservation device outside this locality is directed to local memory device by AIR processor.AIR processor uses particular algorithm to assemble the fractionation data pooled together, and is then recovered completely by file.
Assembling data from two different channels, then processed by AIR processor, the file formed like this provides a new file type certainly, and newly file type cannot by system identification with can not normally show.
In this case, the AIR processor meeting file that generation one is new is automatically to replace assembling file, and the file type of new file will fully adapt to the requirement of traditional system.
Newly-generated file can only temporarily be preserved and operate on memory device, the change of file can be stored in internal memory, when file needs to close, user can select DSF to preserve, now, new file is split data by AIR processor again, and new Data Division file will cover original document.
AIR processor does not limit the type and model of outer cryopreservation device, as long as user selects AIR to store, often kind of outer cryopreservation device all can work.
The AIR processor file that restricting data does not split the partial data of file and other type is stored in same outer cryopreservation device, but when only activating local DSF, AIR processor just can work.
The hardware-core code of 2.AIR processor
AIR processor has hardware-core code, and when order is sent to the webserver from local DSF, when requiring to download corresponding long-range DSF, the hardware-core code of AIR processor is also sent to server, for server authentication.
The hardware-core code of AIR processor is covered code, is encrypted, and deciphered by server when it is sent to server.
If the hardware-core code of AIR processor and server record do not meet, server can require that user provides detailed identity information and other authorization information of arranging in advance, and only have by server authentication, long-range DSF downloads and just can be processed.
3.AIR processor logs in special memory
When Data Division file is activated, server needs the network account log-on message of user, and this information is sent out by the login method of the server of routine, but in this case, repeat logon is needs, otherwise system is always in logging status.
From local DSF upload command to server, the login name of user and password are the important component parts of server inspection message, and the situation that any information does not meet the original record of server occurs, server is by the download command of the corresponding long-range DSF of refusal.
If AIR processor is forever arranged on computer main board, once host computer is stolen, the risk of data integrity file dressed up by Data Division file by group of networks by third party by having.Planned network logging program, exactly for preventing this risk.
User can input login name and password once, and the then logging status of keeping system, until network exits or closes computer, in this case, user is without the need to repeat logon.
User can also select repeat logon method to enable file.
The special memory of AIR processor integration type registering, this is another kind of selection for user provides, and user oneself does not need repeat logon server, and system does not need always to be in logging status yet.
In AIR processor, integrated micro memory subassembly aims at the interim login name and the password that store user, when user activates local DSF, as long as once input log-on message, so no matter the file of how many times is activated, and the log-on message of user all directly can be transferred to server by AIR processor.This transfer login process is hiding, can not be presented on computer monitor.
As the physical characteristic of memory device, once the power supply of AIR processor is interrupted, logging in the user login information stored in special memory can all disappear immediately.
The data channel logging in special memory is conditional, and it is only for storing user login information temporarily, and other data any will be accessed this memory and all can be rejected.
The special memory of login and the AIR processor cores code of AIR processor are combined into one, and this can make the use of Data Division file more easily with safer.
6th chapter: the internal code of Data Division file
The data of file split by AIR processor, are that long-range DSF and local DSF generate internal code automatically simultaneously; The file only possessing internal code just can be accepted by AIR processor and allow to enter AIR Stored Procedure.
Internal code just can not change once generation, and it belongs to covered code, only for system identification, and not known to user, the internal code of DSF together can be replicated with local DSF.
1. the internal code in data assembling process
Internal code is the code for AIR processor identification DSF, and the mutual identification between server and client side's platform for long-range DSF and local DSF code, it or two kinds of files are assembled in the internal memory of client computer time cognizance code.
Long-range DSF is the degree of depth hidden file of server end, and it can not be presented at server and client side's platform independently, nor can find trace by common technological means at server end.Except using local DSF and its internal code, it has no idea to be located and download.
User clicks the icon of the local DSF on client platform, namely sends order to server, requires to download corresponding long-range DSF.
In AIR stores, file has four marks, and they are filenames, the log-on message of network, the internal code of DSF, and the hardware-core code of AIR processor.
The internal code of Data Division file is sightless code, is only system identification, and user cannot detect.
2. the internal code in deleted file process
Except working in data assembling process, internal code also works in the process of deleted file.
From the angle of local platform, the long-range DSF of server end remains hidden state, therefore deletes the local DSF in outer cryopreservation device, just means and delete relevant All Files.
It is deleted that outer cryopreservation device can't help stopping any file, also can not arrange implied terms to file erase, so deleted when local DSF can break in a network.
In this case, the long-range DSF of server end likely will become garbage files, forever be accumulated in the storage device of server.
Under the system computerized system of elastic operation, file erase mechanism is in an operating system assembled as complete program, and therefore, solution given here is mainly for traditional computer system.
File in memory device by the process of AIR processor, and is divided into two parts Data Division file.While Data Division file is generated, AIR processor distribution internal code gives this two new files, using as system identifier.
Delete the Data Division file at network two ends, only need to delete local DSF, in this case, the internal code of local DSF is also deleted, and the action of deleting local DSF and its internal code can be transformed into the order of deleting corresponding long-range DSF.
User deletes the local DSF in outer cryopreservation device, and he only need click the icon of this file, and the order of deleting corresponding long-range DSF will send to system in time.
Just in case network can not connect, AIR processor will remember this delete command, until network connects.Once network connects, AIR processor will send delete command by network interface unit to server automatically.Then, server can delete corresponding long-range DSF automatically according to the internal code of DSF.
The pending program of delete command is applicable to original document and xcopy simultaneously.
3. the internal code in xcopy process
Original document can be directly connected to server, and xcopy also can direct connection server, and they all need the login of network account and the checking of AIR processor identity information.
Under traditional system, xcopy and original document have the identical mandate be modified and specify.
In AIR stores, two options are had to be supplied to user: (1) xcopy does not allow amendment; (2) xcopy allows to modify.
If user selects " xcopy does not allow amendment ", once file is modified and requires to preserve, new file carries out new Data Division by by AIR processor, then stores with the form of new Data Division file.
In this case, new Data Division file can not cover original Data Division file.
If the user of xcopy selects " xcopy allows to modify ", and use xcopy to revise in full, so, original document will cancel.
DSF internal code is a kind of code that can copy, and the file therefore copied still can pass through system identification.
7th chapter: the AIR under different computers system stores
The operation rules of various computer system is considered in the design that AIR stores, as long as AIR processor is arranged on the client platform of computer, it just can follow all operations rule of traditional system.
Meanwhile, it also can be subject to the impact of some defect of traditional system.Such as, computer operating system is permanently installed in local outer cryopreservation device, and this makes outer cryopreservation device become the focus of computer virus attack, and local DSF is stored in such device, will suffer its evil unavoidably.
In another example, AIR stores the operation rules following legacy system, and it is not limited in the file copy between outer cryopreservation device, paper cut, and the action that file is pasted, and also the file do not limited between outer cryopreservation device and remote server transmits mutually.The operation of this system depends on the program that computer writes and guides and perform, and the program that computer is write easily is subject to people for distorting, and this is safe weak spot.
The focus of attack of virus and hacker will change the DSF stealing and store in local outer cryopreservation device and remote server into.Client platform freely can install application software, and this is also the software slot milling of illegal assembling DSF data.
So AIR storage is more suitable for being applied to the system computerized system of elastic operation.
Elastic operation is system computerized is a kind of new computer platform, and its operating system and application program are a kind of designs newly, and AIR memory function and safety measure are embodied in the design of system all in detail.
First, elastic operation system does not allow freely to install application software at client platform, and application program will be downloaded by from server end, and through strict safety detection, therefore virus and hacker lose the chance utilizing application program to stir up trouble.
AIR processor during AIR stores permanently fits together with the foundation of elastic operation system, and this can not be illegal objective and malicious modification.
The outer cryopreservation device of client platform does not run the operating system of host computer, and therefore it is no longer the primary challenge target of virus and hacker, and this promotes the fail safe of Data Division file indirectly.
The second, the OSPU during elastic operation is system computerized can strengthen the inspection to hardware identifier and encrypted code in network data transmission, and this is than the account title and the user cipher that depend on merely network, or other software cryptography safety measure is more effective.
In addition, in the system computerized system of elastic operation, network activity becomes main computer movable, and the network storage becomes main date storage method.Remote server can be automatically uploaded in the data of client platform generation store.But the data that system is uploaded automatically do not comprise local DSF, because it needs to be stored in client platform.
In the system computerized system of elastic operation, the effect of the outer cryopreservation device of client platform weakens greatly, thus AIR storage may be more meaningful in traditional computer system.
8th chapter: the assembling of long-range DSF and local DSF
When the function that AIR stores is activated, a file is divided into a two halves Data Division file.
In conventional systems, user is only to see the icon of local DSF from the operation interface of computer.In elastic operation is system computerized, the operation interface of computer does not show the icon of local DSF automatically, and when only having outer cryopreservation device to be activated, file icon is just presented at interface.
The long-range DSF of server end remains hidden state, and this just determines it is controlled by client platform.
In interaction between client platform and remote server, client platform is active status, and server end occupies passive status.
User clicks the local DSF be stored in local outer cryopreservation device, and this is equivalent to click the long-range DSF being stored in remote server, and now, the file at network two ends will activate at one time.
When network connection is not good or Internet Transmission is not in good state, the long-range DSF of server end cannot download to local internal memory sometimes, and in this case, local DSF can not be activated.
Local DSF and long-range DSD are set up by network and are directly connected, and confirm this annexation by the internal code of DSF.
Before the local DSF of client platform enters assembly program, have to pass through AIR processor, it is walked around AIR processor and directly enters memory device, will lose assembling ability.
User clicks the icon of local DSF, send the order of local DSF and internal code to remote server, first thing will get server address from AIR processor exactly, AIR processor can be encrypted order and internal code, and sends to network interface unit together with the hardware-core code of AIR processor.
The port of network interface unit monitored by AIR processor, if server responds, AIR processor will receive long-range DSF by network interface unit, decipher and long-range DSF is transferred to memory device, local DSF flows through AIR processor and arrives memory device simultaneously, and two-part Data Division file starts assembling.
The file assembled is complete to be presented on computer monitor, no matter whether it is modified, as long as file adopts AIR storage means to preserve again, the data of this file will be split again, at that time, the data content of long-range DSF and local DSF can change, and Data Division file originally will be capped.
But AIR processor provides writing protection function, if user is provided with write-protect, system repeating refusal file preservation and revising, in this case, the data content of local DSF can not often become, and is suitable for long term backup.
9th chapter: the long-range DSF being positioned at server
The long-range DSF of server end can be split and be stored on multiple server again, in the case, as long as the order of the corresponding long-range DSF of the download sent from local DSF is received by the fractionation part of a long-range DSF, other fractionation part of long-range DSF is by mutual transferring command and download simultaneously.
Long-range DSF is in hidden state, and therefore, the startup of file is from client platform, but client platform cannot the security mechanism of alternative server.A series of network security measures that AIR processor is arranged all will observe the security requirement of server.
User clicks local DSF can directly download long-range DSF, and lacks any proving program of server, and this will produce potential safety hazard because outer cryopreservation device may fall into other people hand, and other people and be not authorized to use file.
Had log-on message and the hardware-core code of AIR processor, this just can effectively eliminate above-mentioned hidden danger.As long as information is not known to other people, as long as the kernel code of AIR processor and the record of server are not inconsistent, file is just invalid.
Under traditional computer system, file in local outer cryopreservation device can transfer to arbitrarily online personal account, DSF is no exception, but this process has walked around AIR processor, lose the support of AIR processor, do not belong to the function that AIR stores, so, the attribute that this file does not have AIR to store, it is only controlled by traditional rule.
AIR processor is installed on client platform, and whole instruction is all send from client platform, and remote service applicator platform is assistant's platform, can only accept instruction passively.
But server is also a computer apparatus, it also usage data striping technology can carry out deal with data and preserves data, but Striping data technology does not here have tie-point with the AIR memory technology operated on local platform.
In AIR stores, only long-range DSF can be sent to remote server.Server only has long-range DSF, does not possess the local DSF of AIR memory attribute, even if it uses other Striping data technology, also cannot enter file assembling flow path.
Long-range DSF has been preset flow direction, and it only can download in local memory device and runs, even if server can use other Striping data technology, it can not change the flow direction of data.
The file that server end stores also can be split, and long-range DSF can be split into many parts of files, and is stored into other webserver for data backup, but this does not belong to AIR storage.
Other Striping data technology of server end is that it is the automatic function of server, does not need subscriber authorisation, but AIR storage has the feature that user independently manipulates for the treatment of user's preservation complete file on the server.
Drawing brief description
The storing process of DSF in Fig. 1: AIR storage
In FIG, the file that user generates splits into local data by AIR processor to split file and teledata fractionation file.Local data splits file and is stored in client computer.Teledata splits file and is sent out and is stored into server.
The assembling process of DSF in Fig. 2: AIR storage
In fig. 2, local data splits file is the enterprising row relax of memory device being directed to client computer by AIR processor.Be directed in the memory device of client computer by AIR processor after teledata splits file download and process.
Together with then AIR processor is combined into local data fractionation file and teledata fractionation file, and they are returned to original user's spanned file.
Fig. 3: the contrast of similar techniques
See explanatory note in figure.
Disclosure of the present invention is as follows:
AIR storage is the invention of relevant data storage means in IT field.
Data are stored in local outer cryopreservation device or are stored in the webserver, and these two kinds of methods have and respectively have advantage, also there are some fatal weakness separately simultaneously.
Such as, if be stored on the webserver by file, there is information hidden danger out of control in this.Such as, if file to be stored in local outer cryopreservation device, there is the stolen threat of information malice in this.
AIR stores and deposits weakness and the technical solution that designs for conventional method institute exactly, it while also fully absorb the advantage of conventional method.
First, AIR stores the fail safe improving data and store.In the present invention, except data owner oneself, nobody can obtain complete data message.
Secondly, AIR storage improves the degrees of freedom that data store.In the present invention, the gap between storage media types reduces.Data store with the form splitting file, therefore, no matter are be stored in remote server, or be stored in local hard drive, or are stored in other local outer cryopreservation device, all same safety of data.
In addition, AIR stores the controllability strengthening data.The Data Division file of remote server is by the Data Division document control in cryopreservation device outside this locality, and the control of local platform is grasped in user's hand, and only the documentary owner just has the right to assemble file.
AIR storage can be used in two kinds of computer systems, and they are traditional computer system and elastic operation computer system, wherein, and system computerized another invention belonging to same inventor of elastic operation.In traditional computer system, AIR storage is one and independently invents, and in the system computerized system of elastic operation, AIR storage belongs to dependent invention.
In AIR stores, the file that computer produces, before being sent to storage medium, can be split into two parts Data Division file, and a part is sent in local outer cryopreservation device and stores, and another part is sent to remote server and stores.
Two parts Data Division file cannot show the significant information content, and therefore computer user before using it, first must complete the process of data assembling.
In AIR stores, the fractionation of file data, file directionality sends, and document flow is to local memory device, and file assembling, and this series action all will be processed by AIR processor.
In traditional computer system, AIR processor is arranged on local platform, the special purpose device that AIR stores can be belonged to, also can be a kind of special computer application program, no matter be special purpose device, or special purpose computer program, they all need the platform of stopping over, if do not have concrete local platform, AIR storage cannot normally work.
In the system computerized system of elastic operation, the function of AIR processor is merged at computer operating system, and it becomes a part for elastic operation entire system function.
Reference
1. Striping data
Wikipedia, freely encyclopedia
Author and the date not quite clear
Network address: http://en.wikipedia.org/wiki/Data_striping
2. the RAID rank of standard
Wikipedia, freely encyclopedia
Author and the date not quite clear
Network address: http://en.wikipedia.org/wiki/Standard_RAID_levels
3. exclusiveness or " XOR "
Wikipedia, freely encyclopedia
Author and the date not quite clear
Network address: http://en.wikipedia.org/wiki/XOR
Claims (amendment according to treaty the 19th article)
1. the method for a safe storage complete file, first described complete file fractionation is become two independent Data Division files by the method, then a Data Division file is wherein stored on the equipment of a remote location, and another part of Data Division file is stored on the local device, the method comprises the following steps:
Data Division, complete file portion being stored in client platform via AIR processor is split into two half separate parts, to form two parts of separated Data Division files (DSF), described AIR processor can produce an internal code as file identification symbol, this internal code is integrated in described two independent Data Division files, wherein, described internal code is not by user is discovered, it is identical in two independently Data Division file, and it just can not be revised once generation;
First part is stored in remote location equipment, and the DSF containing described internal code, is called as long-range DSF, and the flow process storing this long-range DSF comprises:
By being positioned at the network interface unit of client platform, connect the webserver that provides AIR stores service;
The described long-range DSF comprising internal code is sent to the described webserver from client platform automatically by system;
The hardware-core code of described AIR processor is sent to the described webserver from client platform automatically by system;
The described webserver receives the long-range DSF sent from client platform, and this long-range DSF comprises the hardware-core code of internal code and AIR processor;
The hardware-core code of the AIR processor received described in server check and the record of described network server end, to define validity;
Under the running of server system, the hardware-core code of the AIR processor received, the corresponding long-range DSF to receiving, sets up connection relation in network server end;
Described long-range DSF is stored in the equipment of remote location, and the equipment of this remote location mainly comprises the webserver;
Second part is stored on local device, and the DSF containing internal code is called as local DSF, and wherein said local device refers to the external equipment being operably connected to described client platform;
The technical characteristic of the method is, described long-range DSF and local DSF all loses the ability of the display information content;
When the file of partial data needs by use, two parts of different DSF, via AIR processor, to collect from the position that two are separated according to user instruction and assemble together, and the flow process should collecting DSF file data by AIR processor comprise:
Send the order of collecting DSF data, this collection order generates from described local DSF, the internal code of described local DSF and the hardware-core code of AIR processor are together encrypted by AIR processor, be sent to the webserver by network interface unit again, this process is started after described client platform clicks local DSF icon by described user;
Under the operation of described AIR processor, local DSF is transferred in the memory device of client platform;
The order of DSF Data Collection is received by the described webserver;
User is by the log-on message of system command input network account, and then system starts the network account logging in described server end;
This network account logins successfully, record of this expression webserver and the hardware-core code match of the AIR processor received;
After the hardware-core code matches success of AIR processor, whether the internal code of the local DSF received by described webserver checking, match with the internal code of the long-range DSF of network server end;
Internal code is after the match is successful, and described in described web server retrieves, long-range DSF is in the address of server end, encrypts this long-range DSF, and the long-range DSF of encryption is sent to client platform;
Client platform receives the long-range DSF of described encryption by network interface unit;
Decipher this long-range DSF via described AIR processor, and via AIR processor, the long-range DSF of this deciphering is sent in the memory device of client platform;
Data recombination, to be rebuild by two kinds of different DSF via this AIR processor and become complete file, the process of this data recombination comprises:
Assemble described long-range DSF and described local DSF, and form a logical block by AIR processor by them;
A kind of algorithm of computer program is used to convert described logical block the file of a partial data to;
The newtype file of a adaptive system completely requirement is produced, the file of the partial data required with the file type of replacing the system of being not suitable with via AIR processor;
Data recombination success, complete file is shown in client platform;
The technical characteristic that AIR stores is, the fractionation of described data and the operation of restructuring are all perform in the memory device of client platform, and the webserver does not perform any operation;
AIR storage comprises deletes long-range DSF from the described webserver, and deletes the flow process of local DSF from described client platform, and this flow process comprises:
By described network interface unit, delete command is sent to the webserver, this delete command comprises the internal code of the local DSF through the encryption of AIR processor;
Described webserver receiving package is containing the delete command of described local DSF internal code;
Deciphered by the described webserver the local DSF received internal code and retrieval long-range DSF in the address of network server end, wherein, this long-range DSF is integrated with the internal code identical with described local DSF;
Network server end performs the delete command received, and deletes and has the long-range DSF with the local DSF internal code same code received;
After the long-range DSF of network server end is deleted successfully, a delete command can be sent to client platform from the webserver;
Local DSF on client platform is deleted.
2. the method for a complete file of safe storage according to claim 1, it is characterized in that, newly-generated file is only temporarily preserved and is operated in local memory device, and any change that file suffers all can be temporarily stored in this memory device.
3. the method for a complete file of safe storage according to claim 1, is characterized in that once only having the data of a file to be split.
4. the method for a complete file of safe storage according to claim 1, it is characterized in that, described AIR processor is the system of an encapsulation (SiP), the hardware-core code of described AIR processor is a kind of covered code, as the identification marking of the webserver, in data transmission procedure between client platform and the webserver, the hardware-core code of AIR processor is encrypted by described AIR processor, or be decrypted by the webserver, the content of described AIR processor comprises:
A kind of non-volatile memory medium, for storing the sensitive data of AIR processor, sensitive data is wherein the hardware-core code of AIR processor, and a kind of computer program write instruction AIR processor and how to have executed the task;
A kind of volatile memory, to provide the ability of user's temporary transient storage networking Account login name and login password, wherein stored user login name and login password are hidden, not for user discovers;
A kind of non-volatile memory medium, for storing a kind of computer program writing monitoring function, the sensitive data of this computer monitor program monitoring AIR processor and other data of write AIR processor volatile memory, if the sensitive data of AIR processor is edited, described monitoring program can delete all sensitive datas of AIR processor.
5. the method for a complete file of safe storage according to claim 1, is characterized in that, the AIR processor built-in code of unique process DSF.
6. the method for a complete file of safe storage according to claim 1, is characterized in that, comprise the processing method of deleting local DSF, and the handling process of the local DSF of this deletion comprises:
When a local DSF is required to delete by user, a delete command can be sent to the webserver, and this delete command comprises the internal code of the described local DSF via the encryption of AIR processor;
The webserver receives the delete command with described local DSF internal code;
Deciphered the internal code of the local DSF received by the webserver, and retrieve the address of long-range DSF at server end, this long-range DSF is integrated with the internal code identical with local DSF;
The webserver performs the delete command received, and deletes the long-range DSF with the internal code received with same code;
When the long-range DSF of network server end deletes successfully, a delete command can be sent to client platform from the webserver;
The local DSF of client platform is deleted.
7. the method for a complete file of safe storage according to claim 1, is characterized in that, described long-range DSF and local DSF is the incomplete files of data.
8. the method for a complete file of safe storage according to claim 1, it is characterized in that, described local DSF can copy on the local device, and local DSF has multiple duplication ability (such as RAID1 hard disk), to prevent loss of data, when DSF copies situation generation, DSF internal code and local DSF copy simultaneously.
9. the method for a complete file of safe storage according to claim 1, it is characterized in that, operate if local DSF is bypassed AIR processor, this local DSF loses the ability entering data assembling flow process.
10. the method for a complete file of safe storage according to claim 1, is characterized in that not having corresponding local DSF as entrance and bridge, long-range DSF cannot be accessed, in addition, under any circumstance, described long-range DSF cannot copy in network server end.
The method of a complete file of 11. safe storage according to claim 10, it is characterized in that, described corresponding local DSF refers to that portion has the DSF of local storage system attribute, this local DSF is stored in local external equipment or similar mediums, and it has the internal code identical with long-range DSF.
The method of a complete file of 12. safe storage according to claim 1, it is characterized in that, described long-range DSF can be split and is stored in multiple webserver, wherein, once the order of collecting data is generated by corresponding local DSF, and received by the webserver, each piecemeal of the described long-range DSF split again can all start and download to client platform simultaneously.
13. the method for a complete file of safe storage according to claim 1, it is characterized in that, if described long-range DSF is edited in network server end, it enters the ability of data assembling flow process by losing.
The method of a complete file of 14. safe storage according to claim 1, it is characterized in that, if network connects unavailable, the order generated by local DSF is encoded into local DSF under the operation of AIR processor, and becoming available once network connection, described order is performed.
The method of a complete file of 15. safe storage according to claim 4, it is characterized in that, one, for the computer program of volatile memory in monitor data write AIR processor, only allows username and password to be saved in the volatile memory of AIR processor.
The method of a complete file of 16. safe storage according to claim 4, it is characterized in that, be stored in the username and password in AIR processor volatile memory, in order to store dedicated network account by the AIR of system auto login user, same subscriber before the power-off of AIR processor without the need to repeatedly inputting log-on message.
17. the method for a complete file of safe storage according to claim 1, it is characterized in that, between DSF is from client platform to webserver transmission period, DSF has four kinds of identifiers for webserver identification.
18. the method for a complete file of safe storage according to claim 17, it is characterized in that, these four DSF identifiers comprise: filename, the internal code of DSF, the log-on message of user and the hardware-core code of AIR processor.
Claims (63)
1. the assembling of a long-range isolated data, namely AIR stores, it is characterized in that, the a complete file being positioned at client platform is split into two halves, and form two parts of independently Data Division files, portion is that teledata splits file, i.e. long-range DSF, long-range DSF is stored in the equipment of remote location, comprising the webserver, and portion is that local data splits file, i.e. local DSF in addition, local DSF is stored in the outer cryopreservation device on client platform, and wherein this locality refers to client platform.
2. assembling according to claim 1, it is characterized in that, data assembling is the activity of a kind of spanning network two ends platform, Data Division file flow to local memory device from cryopreservation device remote server and this locality, and by data assembling flow process to form a complete file, wherein, Data Division file and DSF file.
3. DSF according to claim 2, it is characterized in that, DSF is isolated and segmentation, and it only comprises the data of the half in a complete file, when there is not network condition, it becomes sleep file, be not used alone, corresponding another part of DSF of a DSF is by Network Separation and be stored in remote platform, they not by system autostore on same platform, they accept the direct instruction of user with the file that regains one's integrity, and system of can't help carries out the operation of file access pattern automatically.
4. assembling according to claim 1, it is characterized in that, AIR processor is a processing unit being positioned at the AIR on client platform and storing, its major function is that a file declustering is become long-range DSF and local DSF, and make long-range DSF and local DSF lose the ability of the display information content, and long-range DSF is sent to server and stores by it, local DSF is sent to local outer cryopreservation device to store, when file needs by use, data are carried out the good working condition of assembling and recovery file by AIR processor, and make the content of informative that has of file be shown in client platform.
5. local DSF according to claim 1, wherein said AIR store a feature, and that is another feature that user independently operates local DSF, AIR storage at client platform is that user controls long-range DSF via local DSF.
6. AIR according to claim 1 stores, and it is characterized in that, long-range DSF and local DSF are by the integrated identical internal code of AIR processor, and internal code just cannot change once generation, and it has the attribute copied together with local DSF.
7. long-range DSF according to claim 1, it is characterized in that, long-range DSF is the degree of depth hidden file being positioned at server end, so it can not be shown in server and client side's platform independently, not known to user, and it cannot find trace by common technical means in server end, except using local DSF and its internal code, it has no idea to locate and download.
8. local DSF according to claim 5, is characterized in that, user clicks local DSF icon on client platform, in order to send order to server, requires to download corresponding long-range DSF.
9. long-range DSF according to claim 7, is characterized in that, when the order of downloading described file is sent to server from local DSF, server will require that user inputs login name and the password of its network account.
10. long-range DSF according to claim 9, is characterized in that, the hardware-core code of user login information and AIR processor is the important information that server checks, information does not meet the original record of server, and refusal is downloaded corresponding long-range DSF by server.
11. long-range DSF according to claim 9, it is characterized in that, the long-range DSF being positioned at server end has again to be split and is stored in the attribute on multiple server, in the case, as long as a partitioning portion receives the download command sent from local DSF in corresponding long-range DSF, the partitioning portion of other long-range DSF will transferring command and simultaneously downloading each other.
12. AIR processors according to claim 4, it is characterized in that, AIR processor is the application program that a kind of AIR stores, it is integrated on chip usually, it is the instrument of split and assembling data, being the switching center of file type, is the transmission channel of long-range DSF and local DSF, is the protective device of Data Division file.
13. AIR processors according to claim 4, it is characterized in that, described AIR processor has hardware-core code, when order is sent to the webserver from local DSF, when requiring to download corresponding long-range DSF, the hardware-core code of AIR processor is also together sent to server and is used as checking.
14. AIR processors according to claim 4, it is characterized in that, AIR processor is permanently installed on the mainboard of computer, or is made into external device (ED) for user and carries.
15. AIR processors according to claim 13, is characterized in that, described AIR processor hardware kernel code is covered code, and when being sent to server, it by encrypted, then is deciphered by server.
16. AIR processors according to claim 13, it is characterized in that, if AIR processor hardware kernel code does not mate with server record, the authentication information that server will require user to provide the agreement in advance such as detailed identity information, only have the inspection by server, the download of long-range DSF just can be processed.
17. AIR processors according to claim 13, it is characterized in that, before local DSF on client platform enters data assembling program, must first flow through AIR processor, local DSF gets around AIR processor and directly enters in the memory device of client computer, and it will lose data assembling ability.
18. AIR processors according to claim 4, it is characterized in that, AIR processor is when splitting the data of file, automatically generate internal code simultaneously and this internal code be integrated in long-range DSF and local DSF, the file only with internal code just accepts for AIR processor and allows to enter AIR Stored Procedure.
19. AIR processors according to claim 4, it is characterized in that, all long-range DSF of flowing in systems in which and local DSF have to pass through AIR processor passage, the order of the long-range DSF of all downloads all must be sent to server via AIR processor passage, all download commands being sent to server must be encrypted by AIR processor, the long-range DSF of all downloads will first by server for encrypting, is then deciphered by AIR processor.
20. AIR processors according to claim 4, is characterized in that, AIR processor integration type registering private memory, it is selected for user provides another kind of, under this selection, user does not need oneself repeat logon server, and system does not need to be in logging status all the time yet.
21. login private memories according to claim 20, it is characterized in that, AIR processor integrated micro memory body, be exclusively used in the login name of network account and the interim storage of login password, when user starts local DSF, as long as disposable input log-on message, then no matter file has how many times to start, and the log-on message of user directly will be sent to server by AIR processor.
22. login private memory according to claim 20, is characterized in that, log in the workflow of private memory and belong to transition flow process, cannot persistence information, and also it is hidden in login process, can not be presented on computer monitor.
23. login private memory according to claim 20, is characterized in that, as the physical characteristic of memory storage, once the power supply of AIR processor is cut off, the user login information logged in private memory all disappears immediately.
24. login private memory according to claim 20, is characterized in that, the data flow channel logging in private memory is restricted, and it is only open-minded to interim storage user login information, and other data any will be rejected the access of memory.
25. AIR according to claim 1 store, it is characterized in that, the file of a partial data is shown on the display of computer, no matter whether there is amendment, as long as this file adopts AIR storage means again to be preserved, data will be split again, and then the data content of Data Division file will change, and original Data Division file will be capped.
26. AIR processors according to claim 4; it is characterized in that; described AIR processor provides writing protection function; if user is provided with write-protect; refusal file is repeated to preserve and amendment by system; in this case, the data content of local DSF can not often change, this applicable long term backup.
27. AIR processors according to claim 4, it is characterized in that, AIR processor splits the data of file with the ability making file lose the display information content, AIR processor does not possess multiple data and splits function, file is only split into two halves, one is long-range DSF, and another is local DSF.
28. AIR processors according to claim 4, it is characterized in that, AIR processor setting data splits the flow direction of file, long-range DSF only allows to flow to server and stores, local DSF only allows the outer cryopreservation device flowed on client platform to carry out stock, wherein local DSF has interface icon, and long-range DSF does not have interface icon.
29. AIR processors according to claim 4, it is characterized in that, user clicks the icon of local DSF, send a command to the webserver, send the internal code of local DSF to the webserver, first system from AIR processor retrieval server address, then will encrypt order to be sent and internal code by AIR processor simultaneously, then this order and internal code are again together with the hardware-core code of AIR processor, are sent to network interface unit.
30. AIR processors according to claim 4, it is characterized in that, network interface card port monitored by AIR processor, if server responds, AIR processor receives long-range DSF by network interface unit, decipher and transmit long-range DSF to local memory device, local DSF flows to local memory device via AIR processor simultaneously, and then the corresponding Data Division file of two parts enters data assembling flow process.
31. AIR processors according to claim 4, it is characterized in that, user deletes local DSF and sends order to server, require to delete corresponding long-range DSF, if network does not connect, AIR processor will remember this delete command, once network connects, AIR processor sends this delete command by network interface unit from trend server.
32. AIR according to claim 1 store, and it is characterized in that, the process of Data Division completes in local memory device.
33. data assemblings according to claim 2, it is characterized in that, long-range DSF is downloaded to local platform, and assemble in local DSF, to form a logical block, then Data Division file transform becomes the file of a partial data, and this realizes data assembling and file access pattern with special algorithm.
34. long-range DSF according to claim 7, is characterized in that, the long-range DSF of server end must accept the order that local platform is sent, and file assembling flow path can only complete on local platform, and, only have user to have the right of giving an order to server.
35. local DSF according to claim 8, is characterized in that, local DSF is when network connection interruption, and the Data Division file be stored in outer cryopreservation device belongs to hibernation file, and it cannot be activated.
36. AIR according to claim 1 store, and it is characterized in that, the platform of Data Division and assembling must be client platform, and server does not carry out any operation.
37. AIR according to claim 1 store, and it is characterized in that, Data Division file results from memory device.
38. according to Data Division file according to claim 37, it is characterized in that, Data Division file for departure place, is sent to local outer cryopreservation device and remote server stores with local memory device respectively.
39. data assemblings according to claim 33, is characterized in that, the assembling process of file data completes in local memory device.
40. data assemblings according to claim 33, is characterized in that, when user preserves the file data in local memory device, have two options, they are 1 respectively, and text is preserved, and in this case, the amendment of file all can be preserved with the form of complete file; 2, DSF preserves, and in this case, file is split into two parts of Data Division files automatically, and covers original file with this.
41. data according to claim 40 save options, it is characterized in that, when user selects text preserving type, also have two kinds of selections further, 1, file is temporarily stored in memory device until automatically disappear after shut down of computer; 2, be sent to outer cryopreservation device or remote server stores, in this case, Data Division file is originally covered automatically.
42. according to data assembling according to claim 39, it is characterized in that, the special area of local memory device reserved data split and assembling activity, to avoid data flow dissimilar in system mutually to conflict.
43. data assemblings according to claim 42, is characterized in that, the two parts of related datas being arranged in memory device split file and must successfully assemble, and file just cannot revert to good working condition, and data can not be assembled effectively, must restart assembling flow path.
44. data according to claim 41 save options, it is characterized in that, when user selects DSF preservation mode, file only just can be enabled when network connection status is good.
45. local DSF according to claim 5, is characterized in that, local DSF mutually can copy between cryopreservation device outside different this locality, also can with some outer cryopreservation device, the RAID1 of such as hard disk, carries out multiple duplication, to prevent loss of data, or improve equipment operating speed.
46. local DSF according to claim 45, it is characterized in that, network connection state is not good enough, or when Internet Transmission state is not good enough, the long-range DSF of server end cannot download to local memory device sometimes, and in this case, local DSF cannot start.
47. AIR processors according to claim 4, is characterized in that, the file copy function of AIR processor has two kinds of options to be supplied to user, and they are 1 respectively, and xcopy does not allow to modify; 2, xcopy allows to modify.
48. file copy functions according to claim 47, it is characterized in that, when user selects xcopy not allow to modify, once file is modified and requires to preserve, new file can be split data again by AIR processor, and store with the form of new Data Division file, new file will not cover original Data Division file.
49. file copy function according to claim 47, is characterized in that, when user selects xcopy to allow to modify, and to the file modification that copies in full and after storing, original document cannot start.
50. data according to claim 41 save options, it is characterized in that, Data Division file has to be selected to be converted into complete data file by user, and this complete data file is stored in the attribute of local outer cryopreservation device or remote server.
51. data according to claim 50 save options, it is characterized in that, after file type is changed, the file of partial data arbitrarily will be transmitted and is shown, no longer by the constraint of AIR storage rule.
52. data according to claim 50 save options, it is characterized in that, after type change preserved by file, local DSF and long-range DSF can be deleted automatically by system, and this process cannot reverse.
53. data according to claim 50 save options, it is characterized in that, user wants again to convert the file of partial data to Data Division file, AIR processor will be used for storing for local platform and remote server generate Data Division file respectively again, and newly-generated file possesses AIR storage characteristics.
54. long-range DSF according to claim 7, is characterized in that, the long-range DSF downloading to local platform from remote server is limited to be stored in memory device, and it cannot be transferred to local outer cryopreservation device.
55. according to data assembling according to claim 39, it is characterized in that, the AIR processor meeting file that generation one is new is automatically to replace assembling file, the file format that complete adaptive system requires by new file, the file of format is only temporarily preserved and operates in memory device, during this period, any change that file does all is stored among memory device.
56. AIR processor according to claim 4, is characterized in that, AIR processor does not limit classification and the type of outer cryopreservation device, as long as user selects AIR memory function, any existing outer cryopreservation device can work.
57. AIR processor according to claim 4, is characterized in that, AIR processor not restricting data fractionation file is stored in identical outer cryopreservation device together with the complete file of other type, but AIR processor only works to Data Division file.
58. AIR according to claim 1 store, and it is characterized in that, the file during AIR stores has four to identify for server identification, and they are the log-on message of the internal code of filename, DSF, user respectively, and the hardware-core code of AIR processor.
59. DSF internal codes according to claim 4, is characterized in that, Data Division file is while generation, AIR processor can give this file allocation internal code, and to identify as system identification, the internal code of DSF is sightless, it only supplies system identification, and user cannot discover.
60. DSF internal codes according to claim 59, it is characterized in that, delete the Data Division file at network two ends, as long as delete local DSF, in this case, the internal code of local DSF is also deleted, and the action of deleting local DSF internal code can be transformed into the order of deleting corresponding long-range DSF.
61. deletion Data Division files according to claim 60, it is characterized in that, user deletes local DSF from outer cryopreservation device, and only need click this file icon, the order of deleting corresponding long-range DSF will send to system in time.
62. deletion Data Division file according to claim 61, is characterized in that, if network connection interruption, AIR processor will remember the order of deleted file, until network connects smoothly; Once network successful connection, server can delete corresponding long-range DSF automatically according to the internal code of DSF.
63. deletion Data Division files according to claim 62, it is characterized in that, the pending program of described file deletion commands is also applicable to original document and xcopy.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/IB2013/054785 WO2014199197A1 (en) | 2013-06-11 | 2013-06-11 | A method, system and product for securely storing data files at a remote location by splitting and reassembling said files |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105027498A true CN105027498A (en) | 2015-11-04 |
| CN105027498B CN105027498B (en) | 2018-05-18 |
Family
ID=52021707
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201380063564.3A Expired - Fee Related CN105027498B (en) | 2013-06-11 | 2013-06-11 | A kind of method and its system and device by remotely separating and assembling data file realization secure storage |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US20150244778A1 (en) |
| CN (1) | CN105027498B (en) |
| CA (1) | CA2886511A1 (en) |
| WO (1) | WO2014199197A1 (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105426775A (en) * | 2015-11-09 | 2016-03-23 | 北京联合大学 | Method and system for protecting information security of smartphone |
| CN107438848A (en) * | 2016-11-14 | 2017-12-05 | 北京大学深圳研究生院 | A kind of file security access method, terminal device and dedicated storage means |
| CN107563208A (en) * | 2017-08-10 | 2018-01-09 | 北京中科同向信息技术有限公司 | A kind of method of security of private data protection |
| CN107844274A (en) * | 2017-11-17 | 2018-03-27 | 北京联想超融合科技有限公司 | Hardware resource management method, apparatus and terminal based on super fusion storage system |
| CN109298836A (en) * | 2018-09-04 | 2019-02-01 | 航天信息股份有限公司 | Handle the method, apparatus and storage medium of data |
| CN108958719B (en) * | 2018-04-03 | 2020-08-11 | 北京航空航天大学 | Artificial intelligence writing method for source code of digital aircraft buffer area information processing |
| WO2020191529A1 (en) * | 2019-03-22 | 2020-10-01 | 西门子股份公司 | Code auditing method and device, and computer readable medium |
| CN111949996A (en) * | 2019-05-15 | 2020-11-17 | 北京奇安信科技有限公司 | Generation method, encryption method, system, device and medium of security private key |
| CN112199644A (en) * | 2020-10-09 | 2021-01-08 | 平安科技(深圳)有限公司 | Mobile terminal application program safety detection method, system, terminal and storage medium |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9652621B2 (en) * | 2014-05-15 | 2017-05-16 | Michael E. Johnson | Electronic transmission security process |
| KR20160041398A (en) * | 2014-10-07 | 2016-04-18 | 삼성전자주식회사 | Contents processing apparatus and contents processing method thereof |
| US11188665B2 (en) * | 2015-02-27 | 2021-11-30 | Pure Storage, Inc. | Using internal sensors to detect adverse interference and take defensive actions |
| DE102015103251B4 (en) * | 2015-03-05 | 2017-03-09 | Aly Sabri | Method and system for managing user data of a user terminal |
| JP6221196B1 (en) * | 2017-03-15 | 2017-11-01 | 株式会社ウフル | Log management system, log management apparatus, method, and computer program |
| US20180293261A1 (en) * | 2017-04-06 | 2018-10-11 | Doron Barack | Methods and systems for storing and retrieving data items |
| US10855744B2 (en) | 2017-06-21 | 2020-12-01 | Walmart Apollo, Llc | Systems and methods for dynamic file creation |
| CN114070567A (en) * | 2021-09-28 | 2022-02-18 | 中诚区块链研究院(南京)有限公司 | Zero-knowledge proof equal-block chain identity authentication and privacy protection core technology |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030177247A1 (en) * | 2000-05-03 | 2003-09-18 | Dunning Ted E. | File splitting, scalable coding, and asynchronous transmission in streamed data transfer |
| US20080168135A1 (en) * | 2007-01-05 | 2008-07-10 | Redlich Ron M | Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor |
| CN101510893A (en) * | 2008-12-25 | 2009-08-19 | 北京大学 | Method, device and transmission system for sending, transferring and receiving message document |
Family Cites Families (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6874060B2 (en) * | 2001-12-07 | 2005-03-29 | Dell Products L.P. | Distributed computer system including a virtual disk subsystem and method for providing a virtual local drive |
| JP2005538469A (en) * | 2002-09-10 | 2005-12-15 | イグザグリッド システムズ, インコーポレイテッド | Method and apparatus for server share transfer and server recovery using hierarchical storage management |
| US7181578B1 (en) * | 2002-09-12 | 2007-02-20 | Copan Systems, Inc. | Method and apparatus for efficient scalable storage management |
| US7111194B1 (en) * | 2003-03-21 | 2006-09-19 | Network Appliance, Inc. | Mirror split brain avoidance |
| US20100162002A1 (en) * | 2008-12-23 | 2010-06-24 | David Dodgson | Virtual tape backup arrangement using cryptographically split storage |
| CA2760251A1 (en) * | 2009-05-19 | 2010-11-25 | Security First Corp. | Systems and methods for securing data in the cloud |
| AU2011235068B2 (en) * | 2010-03-31 | 2015-10-01 | Security First Corp. | Systems and methods for securing data in motion |
| US9460307B2 (en) * | 2010-06-15 | 2016-10-04 | International Business Machines Corporation | Managing sensitive data in cloud computing environments |
| WO2013069329A1 (en) * | 2011-11-10 | 2013-05-16 | 株式会社スクウェア・エニックス | Data transmission and reception system |
| US20140108617A1 (en) * | 2012-07-12 | 2014-04-17 | Unisys Corporation | Data storage in cloud computing |
-
2013
- 2013-06-11 CN CN201380063564.3A patent/CN105027498B/en not_active Expired - Fee Related
- 2013-06-11 US US14/432,197 patent/US20150244778A1/en not_active Abandoned
- 2013-06-11 WO PCT/IB2013/054785 patent/WO2014199197A1/en active Application Filing
- 2013-06-11 CA CA 2886511 patent/CA2886511A1/en not_active Abandoned
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030177247A1 (en) * | 2000-05-03 | 2003-09-18 | Dunning Ted E. | File splitting, scalable coding, and asynchronous transmission in streamed data transfer |
| US20080168135A1 (en) * | 2007-01-05 | 2008-07-10 | Redlich Ron M | Information Infrastructure Management Tools with Extractor, Secure Storage, Content Analysis and Classification and Method Therefor |
| CN101510893A (en) * | 2008-12-25 | 2009-08-19 | 北京大学 | Method, device and transmission system for sending, transferring and receiving message document |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105426775B (en) * | 2015-11-09 | 2018-06-19 | 北京联合大学 | A kind of method and system for protecting smart mobile phone information security |
| CN105426775A (en) * | 2015-11-09 | 2016-03-23 | 北京联合大学 | Method and system for protecting information security of smartphone |
| CN107438848A (en) * | 2016-11-14 | 2017-12-05 | 北京大学深圳研究生院 | A kind of file security access method, terminal device and dedicated storage means |
| WO2018086120A1 (en) * | 2016-11-14 | 2018-05-17 | 北京大学深圳研究生院 | Secure file access method, terminal apparatus and dedicated storage device |
| CN107563208A (en) * | 2017-08-10 | 2018-01-09 | 北京中科同向信息技术有限公司 | A kind of method of security of private data protection |
| CN107844274A (en) * | 2017-11-17 | 2018-03-27 | 北京联想超融合科技有限公司 | Hardware resource management method, apparatus and terminal based on super fusion storage system |
| CN108958719B (en) * | 2018-04-03 | 2020-08-11 | 北京航空航天大学 | Artificial intelligence writing method for source code of digital aircraft buffer area information processing |
| CN109298836A (en) * | 2018-09-04 | 2019-02-01 | 航天信息股份有限公司 | Handle the method, apparatus and storage medium of data |
| CN109298836B (en) * | 2018-09-04 | 2022-07-08 | 航天信息股份有限公司 | Method, apparatus and storage medium for processing data |
| WO2020191529A1 (en) * | 2019-03-22 | 2020-10-01 | 西门子股份公司 | Code auditing method and device, and computer readable medium |
| CN111949996A (en) * | 2019-05-15 | 2020-11-17 | 北京奇安信科技有限公司 | Generation method, encryption method, system, device and medium of security private key |
| CN112199644A (en) * | 2020-10-09 | 2021-01-08 | 平安科技(深圳)有限公司 | Mobile terminal application program safety detection method, system, terminal and storage medium |
| WO2022073340A1 (en) * | 2020-10-09 | 2022-04-14 | 平安科技(深圳)有限公司 | Mobile terminal application security detection method and system, terminal, and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CA2886511A1 (en) | 2014-12-18 |
| WO2014199197A1 (en) | 2014-12-18 |
| CN105027498B (en) | 2018-05-18 |
| US20150244778A1 (en) | 2015-08-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105027498A (en) | A method, system and device for securely storing data files at a remote location by splitting and reassembling said files | |
| CN101901315B (en) | Security isolation and monitoring management method of USB mobile storage media | |
| CN102624699B (en) | Method and system for protecting data | |
| CN104246698B (en) | Elastic operation is system computerized | |
| CN101072102B (en) | Information leakage preventing technology based on safety desktop for network environment | |
| CN104580395B (en) | A kind of cloudy collaboration Storage Middleware Applying system based on existing cloud storage platform | |
| CN106027552A (en) | Method and system for accessing cloud storage data by user | |
| CN109446259B (en) | Data processing method and device, processor and storage medium | |
| CN101923678A (en) | Data security protection method of enterprise management software | |
| CN102546664A (en) | User and authority management method and system for distributed file system | |
| CN107301544A (en) | A kind of safe Wallet System of block chain | |
| CN201682524U (en) | Document transfer authority control system based on document filtering driver | |
| CN102693399B (en) | System and method for on-line separation and recovery of electronic documents | |
| CN101827101A (en) | Information asset protection method based on credible isolated operating environment | |
| CN107409129B (en) | Use the authorization in accesses control list and the distributed system of group | |
| EP3185465A1 (en) | A method for encrypting data and a method for decrypting data | |
| CN102571380A (en) | Multi-instance GIS platform unified user management method and system | |
| WO2024002103A1 (en) | Data asset management method and data asset active management system | |
| WO2024002105A1 (en) | Data asset usage control method, client and intermediate service platform | |
| Mythili et al. | Trust management approach for secure and privacy data access in cloud computing | |
| CN108737079B (en) | Distributed quantum key management system and method | |
| CN105279453A (en) | Separate storage management-supporting file partition hiding system and method thereof | |
| US20120179647A1 (en) | System and method for multi-party document revision | |
| CN107070881A (en) | key management method, system and user terminal | |
| CN106529216B (en) | Software authorization system and software authorization method based on public storage platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180518 Termination date: 20200611 |